Attorney Docket No.: 1033-T00525 



WHAT IS CLAIMED IS: 

1. A method of network authentication comprising: 

receiving a common user credential from a user seeking access to an information 
network; 

generating a unique credential for the user that comprises network specific 
information associated with a connection of the user; and 

considering the unique credential in connection with making an authentication 
decision for the user. 

2. The method of claim 1, further comprising: 

receiving the common user credential from a different user seeking access to the 
information network; 

generating a different unique credential for the different user that comprises 
different network specific information; and 

considering the different unique credential in connection with making an 
authentication decision for the different user. 

3. The method of claim 1, wherein the connection of the user comprises an xDSL 

link. 

4. The method of claim 1, wherein the connection of the user comprises a link at 
least partially supported by a cable modem. 

5. The method of claim 1, further comprising utilizing a network node to 
generate the unique credential. 

6. The method of claim 1, wherein the network specific information comprises a 
unique circuit identification number associated with an ADSL connection. 
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7. The method of claim 1, wherein the network specific information comprises a 
virtual circuit identification associated with ADSL routing. 

8. The method of claim 1, further comprising tracking a metric associated with 
the user. 

9. The method of claim 8, wherein the metric is selected from the group 
consisting of an access control metric, a payment metric, and a security metric. 

10. The method of claim 1, further comprising utilizing a network node to 
generate the unique credential, wherein the network node comprises an authentication 
server and an interface operable to receive the common user credential. 

1 1 . The method of claim 1 , further comprising: 

determining that the user does not have access rights to the information network; 

and 

initiating communication of a deny response. 

12. The method of claim 1, wherein the network specific information comprises 
network generated information that is unique to a connection in use by the user. 

13. The method of claim 1, wherein the network specific information comprises 
information that is unique to a physical location of the user. 
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14. An authentication system, comprising: 

an interface operable to receive an authentication request from a PPPoE client of 
a given user; 

a customizing engine communicatively coupled to the interface and operable to 
add a unique identifier for the given user to the authentication request; and 

an output device communicatively coupled to the customizing engine and 
operable to output the unique identifier to an access engine for authentication of the given 
user. 

15. The system of claim 14, further comprising a network node that comprises 
the interface, the customizing engine, and the output device. 

16. The system of claim 14, further comprising the access engine, wherein the 
access engine is communicatively coupled to a repository comprising acceptable 
credentials, further wherein the access engine is operable to compare the unique identifier 
against the acceptable credentials as a part of granting access rights to the given user. 

17. The system of claim 14, wherein the authentication request from the PPPoE 
client comprises an included identifier, further wherein the customizing engine is further 
operable to remove included identifier prior to an outputting of the authentication request 
to the access engine. 

18. The system of claim 14, wherein the authentication request from the PPPoE 
client comprises an included identifier that does not uniquely identify the given user. 

19. The system of claim 14, further comprising a piece of customer premises 
equipment comprising a broadband modem, the broadband modem operable to output the 
authentication request to the interface. 
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20. The system of claim 19, further comprising a service provider network node 
that comprises the interface, the customizing engine, and the output device. 

21 . The system of claim 20, further comprising: 

a communication path operable to form at least a part of an interconnection 
between the broadband modem and the Public Internet; and 

the access engine, wherein the access engine is communicatively coupled to a 
repository comprising acceptable credentials, further wherein the access engine is 
operable to compare the unique identifier against the acceptable credentials as a part of 
granting the given user an access right to the communication path. 

22. The system of claim 2 1 , wherein the unique identifier comprises a unique 
circuit identification number associated with an ADSL connection. 

23. The system of claim 21, wherein the unique identifier comprises network 
generated information that is unique to a connection in use by the given user. 

24. The system of claim 23, wherein the unique identifier does not uniquely 
identify the piece of customer premises equipment or the broadband modem. 
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25. A computer-readable medium having computer-readable data to receive a 
request for access to an information network, the request comprising a credential; to 
replace the credential with a network generated credential that uniquely identifies a 
connection in use by a user seeking access to the information network; to compare the 
network generated credential against a stored collection of acceptable credentials; and, to 
issue a permit response if the network generated credential is acceptable. 

26. The computer-readable medium of claim 25, wherein the credential comprises 
a commonly assigned credential that does not uniquely identify a requestor. 
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